GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 24,600
Composer 5,005
Erlang 39
GitHub Actions 38
Go 2,635
Maven 6,103
npm 4,262
NuGet 760
pip 4,057
Pub 12
RubyGems 956
Rust 1,054
Swift 45

Unreviewed advisories

All unreviewed 276,421

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

4,100 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

Multiple local privilege escalation vulnerabilities have been identified in the LiquidVPN client... High Unreviewed

CVE-2018-18859 was published May 13, 2022

Multiple local privilege escalation vulnerabilities have been identified in the LiquidVPN client... High Unreviewed

CVE-2018-18856 was published May 13, 2022

The Pulse Secure Desktop (macOS) 5.3RX before 5.3R5 and 9.0R1 has a Privilege Escalation... Moderate Unreviewed

CVE-2018-15726 was published May 13, 2022

Zivif PR115-204-P-RS V2.3.4.2103 and V4.7.4.2121 (and possibly in-between versions) web cameras... Critical Unreviewed

CVE-2017-17105 was published May 13, 2022

cgi-bin/drknow.cgi in Innotube ITGuard-Manager 0.0.0.1 allows remote attackers to execute... Critical Unreviewed

CVE-2017-18025 was published May 13, 2022

A remote command injection vulnerability exists in the Barracuda Load Balancer product line ... High Unreviewed

CVE-2017-6320 was published May 13, 2022

phpFileManager 0.9.8 allows remote attackers to execute arbitrary commands via a crafted URL. High Unreviewed

CVE-2015-5958 was published May 13, 2022

Mercurial vulnerable to arbitrary code injection Critical

CVE-2017-17458 was published for mercurial (pip) May 13, 2022

Akeneo PIM vulnerable to shell injection in the mass edition Critical

CVE-2017-1000009 was published for akeneo/pim-community-dev (Composer) May 13, 2022

elFinder command injection vulnerability in the PHP connector Critical

CVE-2019-9194 was published for studio-42/elfinder (Composer) May 13, 2022

An issue was discovered on Motorola C1 and M2 devices with firmware 1.01 and 1.07 respectively.... Critical Unreviewed

CVE-2019-9121 was published May 13, 2022

daemonControl in includes/functions.php in ZoneMinder before 1.32.3 allows command injection via... Critical Unreviewed

CVE-2019-8427 was published May 13, 2022

An authenticated shell command injection issue has been discovered in Raisecom ISCOM HT803G-U,... High Unreviewed

CVE-2019-7384 was published May 13, 2022

An issue was discovered on Systrome Cumilon ISG-600C, ISG-600H, and ISG-800W devices with... High Unreviewed

CVE-2019-7383 was published May 13, 2022

An authenticated shell command injection issue has been discovered in Raisecom ISCOM HT803G-U,... High Unreviewed

CVE-2019-7385 was published May 13, 2022

Zen Load Balancer 3.10.1 allows remote authenticated admin users to execute arbitrary commands as... High Unreviewed

CVE-2019-7301 was published May 13, 2022

TP-Link WDR Series devices through firmware v3 (such as TL-WDR5620 V3.0) are affected by command... High Unreviewed

CVE-2019-6487 was published May 13, 2022

In Ubiquiti Networks EdgeSwitch X v1.1.0 and prior, an authenticated user can execute arbitrary... High Unreviewed

CVE-2019-5425 was published May 13, 2022

IBM API Connect 5.0.0.0 and 5.0.8.6 Developer Portal is vulnerable to command injection. An... Critical Unreviewed

CVE-2019-4202 was published May 13, 2022

Remote command injection vulnerability in Verizon Fios Quantum Gateway (G1100) firmware version... High Unreviewed

CVE-2019-3914 was published May 13, 2022

Grandstream GXV3611IR_HD before 1.0.3.23 devices allow remote authenticated users to execute... High Unreviewed

CVE-2019-10660 was published May 13, 2022

Grandstream UCM6204 before 1.0.19.20 devices allow remote authenticated users to execute... High Unreviewed

CVE-2019-10662 was published May 13, 2022

Grandstream GWN7000 before 1.0.6.32 devices allow remote authenticated users to execute arbitrary... High Unreviewed

CVE-2019-10656 was published May 13, 2022

Grandstream GWN7610 before 1.0.8.18 devices allow remote authenticated users to execute arbitrary... High Unreviewed

CVE-2019-10658 was published May 13, 2022

Grandstream GXV3370 before 1.0.1.41 and WP820 before 1.0.3.6 devices allow remote authenticated... High Unreviewed

CVE-2019-10659 was published May 13, 2022

Previous 1…143…164 Next

Previous 1 2 … 141 142 143 144 145 … 163 164 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

4,100 advisories